UbuntuUSN-1755-2OpenJDK 7 vulnerabilities
9.8 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.966 High
EPSS
Percentile
99.6%
Releases
- Ubuntu 12.10
Packages
- openjdk-7 - Open Source Java implementation
Details
USN-1755-1 fixed vulnerabilities in OpenJDK 6. This update provides the
corresponding updates for OpenJDK 7.
Original advisory details:
It was discovered that OpenJDK did not properly validate certain types
of images. A remote attacker could exploit this to cause OpenJDK to crash.
(CVE-2013-0809)
It was discovered that OpenJDK did not properly check return values when
performing color conversion for images. If a user were tricked into
opening a crafted image with OpenJDK, such as with the Java plugin, a
remote attacker could cause OpenJDK to crash or execute arbitrary code
outside of the Java sandbox with the privileges of the user invoking the
program. (CVE-2013-1493)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.10 | noarch | openjdk-7-jre-zero | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | icedtea-7-jre-cacao | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | icedtea-7-jre-jamvm | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | openjdk-7-dbg | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | openjdk-7-demo | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | openjdk-7-jdk | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | openjdk-7-jre | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | openjdk-7-jre-headless | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | openjdk-7-jre-lib | <ย 7u15-2.3.7-0ubuntu1~12.10.1 | UNKNOWN |
Related
9.8 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.966 High
EPSS
Percentile
99.6%